Replies: 1 comment
-
|
see: https://github.com/OpenIDC/mod_auth_openidc/wiki/Step-up-Authentication and https://github.com/OpenIDC/mod_auth_openidc/blob/v2.4.13.2/auth_openidc.conf#L900-L911 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello Team
I have multiple application protected by path in apache.
Each application will receive different header which is assesed using Require claim.
If abc application with I4 is accessed first then the xyz accessed no issues
But if xyz accessed with I2 first and then I4 application (from lower value to higher) results in unauthorized error
I want to re-authenticate user with I4(MFA)
Is there any tricks in oidc that can help to resolve this issue?
Example:
Server name
Oidcredirecturi /redirect t_uri/
Oidcscope openid profile
Oidcprovideruri
Oidc clientsecret {123}
Oidcclientid {123}
<location /abc>
AuthType openid-connect
OIDCAuthRequestParams acr_values=I4
Require claim acr:I4
ProxyPass https://example.com/abc
ProxyPassReverse https://example.com/abc
<location /xyz>
AuthType openid-connect
OIDCAuthRequestParams acr_values=I2
Require claim acr:I4
Require claim acr:I3
Require claim acr:I2
ProxyPass https://example.com/xyz
ProxyPassReverse https://example.com/xyz
I had referred this past discussion and using Required All which results in unauthorized page
#742
Beta Was this translation helpful? Give feedback.
All reactions